add new convenience function TALER_EXCHANGE_test_account_allowed

author: Christian Grothoff <christian@grothoff.org> 2024-09-10 11:51:11 +0200
committer: Christian Grothoff <christian@grothoff.org> 2024-09-10 11:51:11 +0200
commit: ec567901f52e79867222595a08078b5bc23d859e (patch)
tree: daccba17450ae67d15210240dd5f65d6df2ba91f /src
parent: 269c059a0cea265fbcbf0199b5e3ea931c8d5038 (diff)
3 files changed, 122 insertions, 1 deletions
diff --git a/src/include/taler_exchange_service.h b/src/include/taler_exchange_service.h
index 74bff838d..7c73c5bc7 100644
--- a/src/include/taler_exchange_service.h
+++ b/src/include/taler_exchange_service.h
@@ -36,7 +36,7 @@
  * Version of the Taler Exchange API, in hex.
  * Thus 0.8.4-1 = 0x00080401.
  */
-#define TALER_EXCHANGE_API_VERSION 0x00100004
+#define TALER_EXCHANGE_API_VERSION 0x00100005
 
 /**
  * Information returned when a client needs to pass
@@ -1019,6 +1019,28 @@ TALER_EXCHANGE_test_signing_key (
 
 
 /**
+ * Check if a wire transfer is allowed between
+ * @a account if the exchange and @a payto_uri.
+ *
+ * @param account exchange account to check
+ * @param check_credit true for credit (sending money
+ *   to the exchange), false for debit (receiving money
+ *   from the exchange)
+ * @param payto_uri other bank account (merchant, customer)
+ * @return
+ *   #GNUNET_YES if the exchange would allow this
+ *   #GNUNET_NO if this is not allowed
+ *   #GNUNET_SYSERR if data in @a account is malformed
+ *       or we experienced internal errors
+ */
+enum GNUNET_GenericReturnValue
+TALER_EXCHANGE_test_account_allowed (
+  const struct TALER_EXCHANGE_WireAccount *account,
+  bool check_credit,
+  const char *payto_uri);
+
+
+/**
  * Obtain the denomination key details from the exchange.
  *
  * @param keys the exchange's key set
diff --git a/src/lib/Makefile.am b/src/lib/Makefile.am
index a3a1a5fc5..88d00765f 100644
--- a/src/lib/Makefile.am
+++ b/src/lib/Makefile.am
@@ -78,6 +78,7 @@ libtalerexchange_la_SOURCES = \
   exchange_api_reserves_get_attestable.c \
   exchange_api_reserves_history.c \
   exchange_api_reserves_open.c \
+  exchange_api_restrictions.c \
   exchange_api_stefan.c \
   exchange_api_transfers_get.c
 libtalerexchange_la_LIBADD = \
diff --git a/src/lib/exchange_api_restrictions.c b/src/lib/exchange_api_restrictions.c
new file mode 100644
index 000000000..dcd6c6f2c
--- /dev/null
+++ b/src/lib/exchange_api_restrictions.c
@@ -0,0 +1,98 @@
+/*
+  This file is part of TALER
+  Copyright (C) 2024 Taler Systems SA
+
+  TALER is free software; you can redistribute it and/or modify it under the
+  terms of the GNU General Public License as published by the Free Software
+  Foundation; either version 3, or (at your option) any later version.
+
+  TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+  WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+  A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
+
+  You should have received a copy of the GNU General Public License along with
+  TALER; see the file COPYING.  If not, see
+  <http://www.gnu.org/licenses/>
+*/
+/**
+ * @file lib/exchange_api_restrictions.c
+ * @brief convenience functions related to account restrictions
+ * @author Christian Grothoff
+ */
+#include "platform.h"
+#include "taler_exchange_service.h"
+#include <regex.h>
+
+
+enum GNUNET_GenericReturnValue
+TALER_EXCHANGE_test_account_allowed (
+  const struct TALER_EXCHANGE_WireAccount *account,
+  bool check_credit,
+  const char *payto_uri)
+{
+  unsigned int limit
+    = check_credit
+    ? account->credit_restrictions_length
+    : account->debit_restrictions_length;
+
+  /* check wire method matches */
+  {
+    char *wm1;
+    char *wm2;
+    bool ok;
+
+    wm1 = TALER_payto_get_method (payto_uri);
+    wm2 = TALER_payto_get_method (account->payto_uri);
+    ok = (0 == strcmp (wm1,
+                       wm2));
+    GNUNET_free (wm1);
+    GNUNET_free (wm2);
+    if (! ok)
+      return GNUNET_NO;
+  }
+
+  for (unsigned int i = 0; i<limit; i++)
+  {
+    const struct TALER_EXCHANGE_AccountRestriction *ar
+      = check_credit
+      ? &account->credit_restrictions[i]
+      : &account->debit_restrictions[i];
+
+    switch (ar->type)
+    {
+    case TALER_EXCHANGE_AR_INVALID:
+      GNUNET_break (0);
+      return GNUNET_SYSERR;
+    case TALER_EXCHANGE_AR_DENY:
+      return GNUNET_NO;
+    case TALER_EXCHANGE_AR_REGEX:
+      {
+        regex_t ex;
+        bool allowed = false;
+
+        if (0 != regcomp (&ex,
+                          ar->details.regex.posix_egrep,
+                          REG_NOSUB | REG_EXTENDED))
+        {
+          GNUNET_break_op (0);
+          return GNUNET_SYSERR;
+        }
+        if (regexec (&ex,
+                     payto_uri,
+                     0, NULL,
+                     REG_STARTEND))
+        {
+          GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+                      "Account `%s' allowed by regex\n",
+                      payto_uri);
+          allowed = true;
+        }
+        regfree (&ex);
+        if (! allowed)
+          return GNUNET_NO;
+        break;
+      }
+    }     /* end switch */
+  }     /* end loop over restrictions */
+  return GNUNET_YES;
+}
author	Christian Grothoff <christian@grothoff.org>	2024-09-10 11:51:11 +0200
committer	Christian Grothoff <christian@grothoff.org>	2024-09-10 11:51:11 +0200
commit	ec567901f52e79867222595a08078b5bc23d859e (patch)
tree	daccba17450ae67d15210240dd5f65d6df2ba91f /src
parent	269c059a0cea265fbcbf0199b5e3ea931c8d5038 (diff)